Log analysis and evaluation: Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe (Windows 7)
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.10.2012, 13:17 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Did you edit the asterisks back to your real name beforehand? Does Windows still start? If so, restart Windows in safe mode (with networking if possible); sometimes fixing with OTL gets stuck in normal mode, but very often the fix works in safe mode.
__________________ Please always post log files in CODE tags |
10.10.2012, 15:12 | #17 |
| Hey, yes, I had edited the asterisks back, and Windows still started. In safe mode OTL has now worked too.
Code:
All processes killed
========== OTL ==========
Prefs.js: "129.228.15.142" removed from network.proxy.backup.ftp
Prefs.js: 80 removed from network.proxy.backup.ftp_port
Prefs.js: "129.228.15.142" removed from network.proxy.backup.socks
Prefs.js: 80 removed from network.proxy.backup.socks_port
Prefs.js: "129.228.15.142" removed from network.proxy.backup.ssl
Prefs.js: 80 removed from network.proxy.backup.ssl_port
Prefs.js: "129.228.15.142" removed from network.proxy.ftp
Prefs.js: 80 removed from network.proxy.ftp_port
Prefs.js: "129.228.15.142" removed from network.proxy.http
Prefs.js: 80 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "129.228.15.142" removed from network.proxy.socks
Prefs.js: 80 removed from network.proxy.socks_port
Prefs.js: "129.228.15.142" removed from network.proxy.ssl
Prefs.js: 80 removed from network.proxy.ssl_port
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:016A8E80 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:14362DF8 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:298A4848 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F5D01D7C deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:1B3549F2 deleted successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Fuzyug folder moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\l8z18207.default\user.js moved successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\NERO14766\Toolbar.exe moved successfully.
E:\Downloads\FHWIN.zip moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\***\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: ***
->Temp folder emptied: 3459641 bytes
->Temporary Internet Files folder emptied: 44447 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36209308 bytes
->Flash cache emptied: 492 bytes

User: ***
->Temp folder emptied: 544556479 bytes
->Temporary Internet Files folder emptied: 157968923 bytes
->Java cache emptied: 25614177 bytes
->FireFox cache emptied: 86674063 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2061583 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 3216414 bytes

User: NetworkService
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2453834 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31618039 bytes
RecycleBin emptied: 3271889543 bytes

Total Files Cleaned = 3.973,00 mb

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10102012_160310

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
|
10.10.2012, 15:33 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Does only that mode work now? |
10.10.2012, 18:05 | #19 |
| No, normal mode works too. Should I also run the OTL fix in normal mode? |
10.10.2012, 20:50 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No no, I just wanted to know whether normal mode works.
Now please run (in normal Windows mode) this tool from Kaspersky (TDSS-Killer) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below - click on change parameters and set the checkmarks as shown in the following screenshot, then click Start Scan, and when it is finished click the Report button to display the log. Please post it in full.
If you can't find the log or copy its contents and transfer them into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
10.10.2012, 21:03 | #21 |
| Code:
21:54:05.0781 3048 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:54:07.0781 3048 ============================================================
21:54:07.0781 3048 Current date / time: 2012/10/10 21:54:07.0781
21:54:07.0781 3048 SystemInfo:
21:54:07.0781 3048
21:54:07.0781 3048 OS Version: 5.1.2600 ServicePack: 3.0
21:54:07.0781 3048 Product type: Workstation
21:54:07.0781 3048 ComputerName: ***
21:54:07.0781 3048 UserName: ***
21:54:07.0781 3048 Windows directory: C:\WINDOWS
21:54:07.0781 3048 System windows directory: C:\WINDOWS
21:54:07.0781 3048 Processor architecture: Intel x86
21:54:07.0781 3048 Number of processors: 2
21:54:07.0781 3048 Page size: 0x1000
21:54:07.0781 3048 Boot type: Normal boot
21:54:07.0781 3048 ============================================================
21:54:08.0093 3048 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:54:08.0109 3048 ============================================================
21:54:08.0109 3048 \Device\Harddisk0\DR0:
21:54:08.0109 3048 MBR partitions:
21:54:08.0109 3048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
21:54:08.0109 3048 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x1869E559
21:54:08.0125 3048 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E845F3D, BlocksNum 0x1BB3AE43
21:54:08.0125 3048 ============================================================
21:54:08.0156 3048 C: <-> \Device\Harddisk0\DR0\Partition1
21:54:08.0187 3048 E: <-> \Device\Harddisk0\DR0\Partition2
21:54:08.0218 3048 F: <-> \Device\Harddisk0\DR0\Partition3
21:54:08.0218 3048 ============================================================
21:54:08.0218 3048 Initialize success
21:54:08.0218 3048 ============================================================
21:54:57.0312 0724
============================================================
21:54:57.0312 0724 Scan started
21:54:57.0312 0724 Mode: Manual; SigCheck; TDLFS;
21:54:57.0312 0724 ============================================================
21:54:57.0437 0724 ================ Scan system memory ========================
21:54:57.0437 0724 System memory - ok
21:54:57.0437 0724 ================ Scan services =============================
ok 21:55:12.0281 0724 PCIDump - ok 21:55:12.0312 0724 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 21:55:12.0375 0724 PCIIde - ok 21:55:12.0390 0724 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 21:55:12.0468 0724 Pcmcia - ok 21:55:12.0468 0724 PDCOMP - ok 21:55:12.0468 0724 PDFRAME - ok 21:55:12.0468 0724 PDRELI - ok 21:55:12.0484 0724 PDRFRAME - ok 21:55:12.0500 0724 [ 16BC447DE474A9E125DB39806714F1E1 ] pepifilter C:\WINDOWS\system32\DRIVERS\lv302af.sys 21:55:12.0500 0724 pepifilter - ok 21:55:12.0500 0724 perc2 - ok 21:55:12.0515 0724 perc2hib - ok 21:55:12.0546 0724 [ 7A31B09C7F037A1217B658465F19BBCE ] PID_08A0 C:\WINDOWS\system32\DRIVERS\LV302AV.SYS 21:55:12.0609 0724 PID_08A0 - ok 21:55:12.0625 0724 [ 4BB6A83640F1D1792AD21CE767B621C6 ] PlugPlay C:\WINDOWS\system32\services.exe 21:55:12.0687 0724 PlugPlay - ok 21:55:12.0703 0724 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 21:55:12.0781 0724 PolicyAgent - ok 21:55:12.0796 0724 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:55:12.0875 0724 PptpMiniport - ok 21:55:12.0875 0724 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 21:55:12.0937 0724 ProtectedStorage - ok 21:55:12.0953 0724 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 21:55:13.0015 0724 PSched - ok 21:55:13.0046 0724 [ 8ABBC5F1492BFDE63FEAE2718A630E5C ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys 21:55:13.0062 0724 PSINAflt - ok 21:55:13.0062 0724 [ D92FD5186C6ED7A0CFE5E4FA69CFEF59 ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys 21:55:13.0062 0724 PSINFile - ok 21:55:13.0078 0724 [ C24FA396FF16D8C671D9E5807A0BC8B7 ] PSINKNC C:\WINDOWS\system32\DRIVERS\psinknc.sys 21:55:13.0093 0724 PSINKNC - ok 21:55:13.0093 0724 [ C52B3E1631CFA5E3BBDE6D2558C0CC72 ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys 21:55:13.0093 0724 
PSINProc - ok 21:55:13.0109 0724 [ 0E4C4813C2AA327229F387E3921E69C3 ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys 21:55:13.0109 0724 PSINProt - ok 21:55:13.0140 0724 [ 476769481841007583875023F7ECC4CA ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys 21:55:13.0156 0724 PSKMAD - ok 21:55:13.0187 0724 [ 98A9D3236C6301503571DE79B86E8538 ] PSUAService E:\programme\panda\PSUAService.exe 21:55:13.0187 0724 PSUAService - ok 21:55:13.0218 0724 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:55:13.0281 0724 Ptilink - ok 21:55:13.0281 0724 ql1080 - ok 21:55:13.0281 0724 Ql10wnt - ok 21:55:13.0296 0724 ql12160 - ok 21:55:13.0296 0724 ql1240 - ok 21:55:13.0296 0724 ql1280 - ok 21:55:13.0328 0724 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:55:13.0406 0724 RasAcd - ok 21:55:13.0437 0724 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:55:13.0515 0724 RasAuto - ok 21:55:13.0515 0724 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:55:13.0593 0724 Rasl2tp - ok 21:55:13.0625 0724 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 21:55:13.0687 0724 RasMan - ok 21:55:13.0687 0724 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:55:13.0765 0724 RasPppoe - ok 21:55:13.0765 0724 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 21:55:13.0828 0724 Raspti - ok 21:55:13.0859 0724 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:55:13.0921 0724 Rdbss - ok 21:55:13.0921 0724 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:55:14.0000 0724 RDPCDD - ok 21:55:14.0031 0724 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:55:14.0093 0724 rdpdr - ok 21:55:14.0125 0724 [ FC105DD312ED64EB66BFF111E8EC6EAC ] RDPWD 
C:\WINDOWS\system32\drivers\RDPWD.sys 21:55:14.0156 0724 RDPWD - ok 21:55:14.0171 0724 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 21:55:14.0250 0724 RDSessMgr - ok 21:55:14.0265 0724 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 21:55:14.0328 0724 redbook - ok 21:55:14.0359 0724 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:55:14.0421 0724 RemoteAccess - ok 21:55:14.0453 0724 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 21:55:14.0515 0724 RemoteRegistry - ok 21:55:14.0546 0724 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 21:55:14.0609 0724 RpcLocator - ok 21:55:14.0640 0724 [ E970C2296916BF4A2F958680016FE312 ] RpcSs C:\WINDOWS\system32\rpcss.dll 21:55:14.0703 0724 RpcSs - ok 21:55:14.0718 0724 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 21:55:14.0796 0724 RSVP - ok 21:55:14.0812 0724 [ DC9CB32D3749AEB37C3250C3274121A5 ] RTIOdrvAPIC C:\WINDOWS\system32\drivers\RTIOdrvAPIC.sys 21:55:14.0812 0724 RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - warning 21:55:14.0812 0724 RTIOdrvAPIC - detected UnsignedFile.Multi.Generic (1) 21:55:14.0859 0724 [ 4F7D38311DD316437CDFCA78AEA67733 ] RTIOdrvApplicom C:\WINDOWS\system32\drivers\RTIOdrvApplicom.sys 21:55:14.0859 0724 RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - warning 21:55:14.0859 0724 RTIOdrvApplicom - detected UnsignedFile.Multi.Generic (1) 21:55:14.0890 0724 [ 9391853D25F5A5B5769CB4B6E014199C ] RTIOdrvAutomata C:\WINDOWS\system32\drivers\RTIOdrvAutomata.sys 21:55:14.0906 0724 RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - warning 21:55:14.0906 0724 RTIOdrvAutomata - detected UnsignedFile.Multi.Generic (1) 21:55:14.0953 0724 [ CF48B576AC493546303ACC9E119970C6 ] RTIOdrvCP5613 C:\WINDOWS\system32\drivers\RTIOdrvCP5613.sys 21:55:14.0968 0724 RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - warning 21:55:14.0968 
0724 RTIOdrvCP5613 - detected UnsignedFile.Multi.Generic (1) 21:55:15.0000 0724 [ 4B2A5274EFB5EA9D9CE5714CE46E6AC8 ] RTIOdrvDAMP C:\WINDOWS\system32\drivers\RTIOdrvDAMP.sys 21:55:15.0000 0724 RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0000 0724 RTIOdrvDAMP - detected UnsignedFile.Multi.Generic (1) 21:55:15.0015 0724 [ 0A7A2D1DF3129E581A183B0C048FE1F5 ] RTIOdrvFC310x C:\WINDOWS\system32\drivers\RTIOdrvFC310x.sys 21:55:15.0015 0724 RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0015 0724 RTIOdrvFC310x - detected UnsignedFile.Multi.Generic (1) 21:55:15.0031 0724 [ 21CE27D9F015C7DE78C220B1D6316A3A ] RTIOdrvHilscherDPM C:\WINDOWS\system32\drivers\RTIOdrvHilscherDPM.sys 21:55:15.0046 0724 RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0046 0724 RTIOdrvHilscherDPM - detected UnsignedFile.Multi.Generic (1) 21:55:15.0062 0724 [ D2F41F9E0F0F58EB79F269D8F0ECAD4D ] RTIOdrvHMS C:\WINDOWS\system32\drivers\RTIOdrvHMS.sys 21:55:15.0062 0724 RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0062 0724 RTIOdrvHMS - detected UnsignedFile.Multi.Generic (1) 21:55:15.0093 0724 [ 10997FCD12441587E2AFC51FBCCDA286 ] RTIOdrvKuhnkePBM C:\WINDOWS\system32\drivers\RTIOdrvKuhnkePBM.sys 21:55:15.0093 0724 RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0093 0724 RTIOdrvKuhnkePBM - detected UnsignedFile.Multi.Generic (1) 21:55:15.0125 0724 [ 8E4667211F883426456B8237FC83C326 ] RTIOdrvSJA C:\WINDOWS\system32\drivers\RTIOdrvSJA.sys 21:55:15.0125 0724 RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0125 0724 RTIOdrvSJA - detected UnsignedFile.Multi.Generic (1) 21:55:15.0203 0724 [ 0BB70D0CEF694D7FC7C9BDEC9B4D4496 ] RTService E:\programme\3S\CoDeSys SP RTE\RTService.exe 21:55:15.0218 0724 RTService ( UnsignedFile.Multi.Generic ) - warning 21:55:15.0218 0724 RTService - detected UnsignedFile.Multi.Generic (1) 21:55:15.0250 0724 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 
21:55:15.0312 0724 SamSs - ok 21:55:15.0343 0724 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 21:55:15.0406 0724 SCardSvr - ok 21:55:15.0453 0724 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:55:15.0515 0724 Schedule - ok 21:55:15.0531 0724 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:55:15.0562 0724 Secdrv - ok 21:55:15.0578 0724 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 21:55:15.0656 0724 seclogon - ok 21:55:15.0671 0724 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 21:55:15.0750 0724 SENS - ok 21:55:15.0750 0724 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 21:55:15.0828 0724 serenum - ok 21:55:15.0828 0724 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 21:55:15.0906 0724 Serial - ok 21:55:15.0906 0724 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 21:55:15.0984 0724 Sfloppy - ok 21:55:16.0000 0724 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:55:16.0062 0724 SharedAccess - ok 21:55:16.0093 0724 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:55:16.0093 0724 ShellHWDetection - ok 21:55:16.0109 0724 Simbad - ok 21:55:16.0140 0724 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 21:55:16.0140 0724 SkypeUpdate - ok 21:55:16.0171 0724 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 21:55:16.0187 0724 SLIP - ok 21:55:16.0187 0724 Sparrow - ok 21:55:16.0203 0724 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:55:16.0265 0724 splitter - ok 21:55:16.0296 0724 [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:55:16.0359 0724 Spooler - ok 21:55:16.0375 0724 [ 
71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\System32\Drivers\sptd.sys 21:55:16.0406 0724 sptd - ok 21:55:16.0421 0724 [ D2B096CD2F56FAC6EEEED9A77DDF6DC8 ] SQLBrowser C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe 21:55:16.0437 0724 SQLBrowser - ok 21:55:16.0453 0724 [ 54902536AAD0E9B99BC65F89C0CAF93F ] SQLWriter C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 21:55:16.0468 0724 SQLWriter - ok 21:55:16.0500 0724 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:55:16.0531 0724 sr - ok 21:55:16.0546 0724 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 21:55:16.0578 0724 srservice - ok 21:55:16.0609 0724 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:55:16.0687 0724 Srv - ok 21:55:16.0703 0724 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:55:16.0734 0724 SSDPSRV - ok 21:55:16.0750 0724 [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 21:55:16.0750 0724 StarOpen ( UnsignedFile.Multi.Generic ) - warning 21:55:16.0750 0724 StarOpen - detected UnsignedFile.Multi.Generic (1) 21:55:16.0781 0724 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:55:16.0859 0724 stisvc - ok 21:55:16.0875 0724 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 21:55:16.0890 0724 streamip - ok 21:55:16.0890 0724 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:55:16.0953 0724 swenum - ok 21:55:16.0968 0724 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:55:17.0031 0724 swmidi - ok 21:55:17.0046 0724 SwPrv - ok 21:55:17.0046 0724 symc810 - ok 21:55:17.0046 0724 symc8xx - ok 21:55:17.0062 0724 sym_hi - ok 21:55:17.0062 0724 sym_u3 - ok 21:55:17.0062 0724 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:55:17.0140 0724 sysaudio - ok 
21:55:17.0156 0724 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 21:55:17.0234 0724 SysmonLog - ok 21:55:17.0265 0724 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:55:17.0343 0724 TapiSrv - ok 21:55:17.0359 0724 [ 68F06FE0021B01E670AF37B8C5964FDF ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:55:17.0359 0724 Tcpip ( UnsignedFile.Multi.Generic ) - warning 21:55:17.0359 0724 Tcpip - detected UnsignedFile.Multi.Generic (1) 21:55:17.0390 0724 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:55:17.0453 0724 TDPIPE - ok 21:55:17.0468 0724 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:55:17.0546 0724 TDTCP - ok 21:55:17.0562 0724 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:55:17.0640 0724 TermDD - ok 21:55:17.0671 0724 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 21:55:17.0750 0724 TermService - ok 21:55:17.0765 0724 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:55:17.0781 0724 Themes - ok 21:55:17.0812 0724 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 21:55:17.0843 0724 TlntSvr - ok 21:55:17.0843 0724 TosIde - ok 21:55:17.0859 0724 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:55:17.0937 0724 TrkWks - ok 21:55:17.0953 0724 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:55:18.0031 0724 Udfs - ok 21:55:18.0031 0724 ultra - ok 21:55:18.0046 0724 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe 21:55:18.0093 0724 UMWdf - ok 21:55:18.0125 0724 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:55:18.0203 0724 Update - ok 21:55:18.0203 0724 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:55:18.0250 0724 upnphost - ok 21:55:18.0265 0724 [ 
9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 21:55:18.0328 0724 UPS - ok 21:55:18.0359 0724 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 21:55:18.0421 0724 usbaudio - ok 21:55:18.0437 0724 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:55:18.0515 0724 usbccgp - ok 21:55:18.0515 0724 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:55:18.0593 0724 usbehci - ok 21:55:18.0593 0724 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:55:18.0671 0724 usbhub - ok 21:55:18.0687 0724 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 21:55:18.0750 0724 usbohci - ok 21:55:18.0781 0724 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:55:18.0843 0724 USBSTOR - ok 21:55:18.0859 0724 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:55:18.0921 0724 VgaSave - ok 21:55:18.0921 0724 ViaIde - ok 21:55:18.0937 0724 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:55:19.0000 0724 VolSnap - ok 21:55:19.0015 0724 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 21:55:19.0046 0724 VSS - ok 21:55:19.0062 0724 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 21:55:19.0140 0724 W32Time - ok 21:55:19.0140 0724 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:55:19.0218 0724 Wanarp - ok 21:55:19.0218 0724 WDICA - ok 21:55:19.0234 0724 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:55:19.0296 0724 wdmaud - ok 21:55:19.0312 0724 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:55:19.0375 0724 WebClient - ok 21:55:19.0421 0724 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:55:19.0484 
0724 winmgmt - ok 21:55:19.0515 0724 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:55:19.0531 0724 WmdmPmSN - ok 21:55:19.0562 0724 [ 53E1CCF332A2F40B5E08476921CD8B44 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:55:19.0656 0724 Wmi - ok 21:55:19.0671 0724 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:55:19.0734 0724 WmiApSrv - ok 21:55:19.0765 0724 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 21:55:19.0843 0724 WS2IFSL - ok 21:55:19.0843 0724 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:55:19.0921 0724 wscsvc - ok 21:55:19.0953 0724 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:55:19.0953 0724 WSTCODEC - ok 21:55:19.0968 0724 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:55:20.0093 0724 wuauserv - ok 21:55:20.0125 0724 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:55:20.0203 0724 WZCSVC - ok 21:55:20.0203 0724 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:55:20.0312 0724 xmlprov - ok 21:55:20.0328 0724 ================ Scan global =============================== 21:55:20.0343 0724 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 21:55:20.0359 0724 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll 21:55:20.0375 0724 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll 21:55:20.0390 0724 [ 4BB6A83640F1D1792AD21CE767B621C6 ] C:\WINDOWS\system32\services.exe 21:55:20.0390 0724 [Global] - ok 21:55:20.0390 0724 ================ Scan MBR ================================== 21:55:20.0406 0724 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 21:55:20.0609 0724 \Device\Harddisk0\DR0 - ok 21:55:20.0609 0724 ================ Scan VBR ================================== 21:55:20.0609 0724 [ 22A128A5FBC0968718F84ECC8245F120 ] 
\Device\Harddisk0\DR0\Partition1 21:55:20.0609 0724 \Device\Harddisk0\DR0\Partition1 - ok 21:55:20.0609 0724 [ 5F1178C9F8123418E398130A9C9C65C6 ] \Device\Harddisk0\DR0\Partition2 21:55:20.0609 0724 \Device\Harddisk0\DR0\Partition2 - ok 21:55:20.0640 0724 [ 887854459EF0FF587CA451B229A1F9B1 ] \Device\Harddisk0\DR0\Partition3 21:55:20.0640 0724 \Device\Harddisk0\DR0\Partition3 - ok 21:55:20.0640 0724 ============================================================ 21:55:20.0640 0724 Scan finished 21:55:20.0640 0724 ============================================================ 21:55:20.0765 2412 Detected object count: 30 21:55:20.0765 2412 Actual detected object count: 30 21:56:09.0843 2412 3SRTE ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0843 2412 3SRTE ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0843 2412 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0843 2412 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0843 2412 AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0843 2412 AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 de_serv ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 
2412 ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 ibpcimpm ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 ibpcimpm ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 nSvcIp ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0859 2412 nSvcIp ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0859 2412 nSvcLog ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 nSvcLog ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 ntiomin ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 ntiomin ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvApplicom ( UnsignedFile.Multi.Generic 
) - User select action: Skip 21:56:09.0875 2412 RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0875 2412 RTService ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0875 2412 RTService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0890 2412 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0890 2412 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:09.0890 2412 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:09.0890 2412 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:24.0500 2436 ============================================================ 21:56:24.0500 
2436 Scan started 21:56:24.0500 2436 Mode: Manual; SigCheck; TDLFS; 21:56:24.0500 2436 ============================================================ 21:56:24.0734 2436 ================ Scan system memory ======================== 21:56:24.0734 2436 System memory - ok 21:56:24.0734 2436 ================ Scan services ============================= 21:56:24.0859 2436 [ 7B78F182AFD71EB752495FF902DF1539 ] 3SRTE C:\WINDOWS\system32\drivers\3SRTE.sys 21:56:24.0875 2436 3SRTE ( UnsignedFile.Multi.Generic ) - warning 21:56:24.0875 2436 3SRTE - detected UnsignedFile.Multi.Generic (1) 21:56:24.0875 2436 Abiosdsk - ok 21:56:24.0875 2436 abp480n5 - ok 21:56:24.0906 2436 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 21:56:25.0000 2436 ACPI - ok 21:56:25.0015 2436 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 21:56:25.0109 2436 ACPIEC - ok 21:56:25.0109 2436 adpu160m - ok 21:56:25.0140 2436 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 21:56:25.0218 2436 aec - ok 21:56:25.0265 2436 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 21:56:25.0281 2436 AFD - ok 21:56:25.0281 2436 Aha154x - ok 21:56:25.0281 2436 aic78u2 - ok 21:56:25.0281 2436 aic78xx - ok 21:56:25.0296 2436 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 21:56:25.0359 2436 Alerter - ok 21:56:25.0359 2436 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 21:56:25.0406 2436 ALG - ok 21:56:25.0406 2436 AliIde - ok 21:56:25.0453 2436 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys 21:56:25.0500 2436 Ambfilt - ok 21:56:25.0500 2436 amsint - ok 21:56:25.0515 2436 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 21:56:25.0562 2436 AppMgmt - ok 21:56:25.0578 2436 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 21:56:25.0656 2436 Arp1394 - ok 
2436 winmgmt - ok 21:56:44.0781 2436 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:56:44.0796 2436 WmdmPmSN - ok 21:56:44.0828 2436 [ 53E1CCF332A2F40B5E08476921CD8B44 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:56:44.0906 2436 Wmi - ok 21:56:44.0921 2436 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:56:45.0000 2436 WmiApSrv - ok 21:56:45.0031 2436 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 21:56:45.0093 2436 WS2IFSL - ok 21:56:45.0109 2436 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:56:45.0171 2436 wscsvc - ok 21:56:45.0203 2436 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:56:45.0203 2436 WSTCODEC - ok 21:56:45.0218 2436 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:56:45.0296 2436 wuauserv - ok 21:56:45.0312 2436 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:56:45.0390 2436 WZCSVC - ok 21:56:45.0406 2436 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:56:45.0468 2436 xmlprov - ok 21:56:45.0468 2436 ================ Scan global =============================== 21:56:45.0484 2436 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 21:56:45.0500 2436 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll 21:56:45.0500 2436 [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll 21:56:45.0515 2436 [ 4BB6A83640F1D1792AD21CE767B621C6 ] C:\WINDOWS\system32\services.exe 21:56:45.0515 2436 [Global] - ok 21:56:45.0515 2436 ================ Scan MBR ================================== 21:56:45.0531 2436 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 21:56:45.0750 2436 \Device\Harddisk0\DR0 - ok 21:56:45.0750 2436 ================ Scan VBR ================================== 21:56:45.0750 2436 [ 22A128A5FBC0968718F84ECC8245F120 ] 
\Device\Harddisk0\DR0\Partition1 21:56:45.0750 2436 \Device\Harddisk0\DR0\Partition1 - ok 21:56:45.0750 2436 [ 5F1178C9F8123418E398130A9C9C65C6 ] \Device\Harddisk0\DR0\Partition2 21:56:45.0750 2436 \Device\Harddisk0\DR0\Partition2 - ok 21:56:45.0781 2436 [ 887854459EF0FF587CA451B229A1F9B1 ] \Device\Harddisk0\DR0\Partition3 21:56:45.0781 2436 \Device\Harddisk0\DR0\Partition3 - ok 21:56:45.0781 2436 ============================================================ 21:56:45.0781 2436 Scan finished 21:56:45.0781 2436 ============================================================ 21:56:45.0796 2160 Detected object count: 30 21:56:45.0796 2160 Actual detected object count: 30 21:56:55.0062 2160 3SRTE ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0062 2160 3SRTE ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0062 2160 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0062 2160 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0062 2160 AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0062 2160 AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0062 2160 CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0062 2160 CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0062 2160 CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 de_serv ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 
2160 ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 ibpcimpm ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 ibpcimpm ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 nSvcIp ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 nSvcIp ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0078 2160 nSvcLog ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0078 2160 nSvcLog ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 ntiomin ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 ntiomin ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvApplicom ( UnsignedFile.Multi.Generic 
) - User select action: Skip 21:56:55.0093 2160 RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0093 2160 RTService ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0093 2160 RTService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0109 2160 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0109 2160 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:56:55.0109 2160 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user 21:56:55.0109 2160 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip |
11.10.2012, 13:25 | #22 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
11.10.2012, 15:37 | #23 |
| Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe Code:
ATTFilter ComboFix 12-10-11.03 - *** 11.10.2012 14:44:06.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2046.1378 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393} FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D} FW: Cloud Antivirus Firewall *Disabled* {1337562C-110A-4AF8-B12B-750C0B30E802} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP c:\dokumente und einstellungen\***\Anwendungsdaten\Deen c:\dokumente und einstellungen\***\Anwendungsdaten\Deen\oqdex.doe c:\dokumente und einstellungen\***\Anwendungsdaten\Local c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\0.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\1.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\2.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\3.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\4.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\5.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\52339834b0cea8515bfe4c38471b8888.avi.ddr c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\6.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\a20ae4c4a6c8749337bb79519b5adddc.avi(2).ddr c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\a20ae4c4a6c8749337bb79519b5adddc.avi.ddr c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\a83e81c4739ee4419746b5f932b8b1bd.avi.ddr c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\ca4083f1cb5525e97622a5e571fd3e51.avi.ddr c:\dokumente und 
einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Post_Install_RB_HiQ_de.divx.ddr c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\settings.ddi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\52339834b0cea8515bfe4c38471b8888.avi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\a20ae4c4a6c8749337bb79519b5adddc.avi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\a20ae4c4a6c8749337bb79519b5adddc.avi.ddp c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\a83e81c4739ee4419746b5f932b8b1bd.avi.ddp c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\ca4083f1cb5525e97622a5e571fd3e51.avi c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\Post_Install_RB_HiQ_de.divx c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\assembly\tmp c:\dokumente und einstellungen\***\WINDOWS c:\windows\IsUn0407.exe c:\windows\system32\html c:\windows\system32\html\calendar.html c:\windows\system32\html\calendarbottom.html c:\windows\system32\html\calendartop.html c:\windows\system32\html\crystalexportdialog.htm c:\windows\system32\html\crystalprinthost.html c:\windows\system32\images c:\windows\system32\images\toolbar\calendar.gif c:\windows\system32\images\toolbar\crlogo.gif c:\windows\system32\images\toolbar\export.gif c:\windows\system32\images\toolbar\export_over.gif c:\windows\system32\images\toolbar\exportd.gif c:\windows\system32\images\toolbar\First.gif c:\windows\system32\images\toolbar\first_over.gif c:\windows\system32\images\toolbar\Firstd.gif c:\windows\system32\images\toolbar\gotopage.gif c:\windows\system32\images\toolbar\gotopage_over.gif c:\windows\system32\images\toolbar\gotopaged.gif 
c:\windows\system32\images\toolbar\grouptree.gif c:\windows\system32\images\toolbar\grouptree_over.gif c:\windows\system32\images\toolbar\grouptreed.gif c:\windows\system32\images\toolbar\grouptreepressed.gif c:\windows\system32\images\toolbar\Last.gif c:\windows\system32\images\toolbar\last_over.gif c:\windows\system32\images\toolbar\Lastd.gif c:\windows\system32\images\toolbar\Next.gif c:\windows\system32\images\toolbar\next_over.gif c:\windows\system32\images\toolbar\Nextd.gif c:\windows\system32\images\toolbar\Prev.gif c:\windows\system32\images\toolbar\prev_over.gif c:\windows\system32\images\toolbar\Prevd.gif c:\windows\system32\images\toolbar\print.gif c:\windows\system32\images\toolbar\print_over.gif c:\windows\system32\images\toolbar\printd.gif c:\windows\system32\images\toolbar\Refresh.gif c:\windows\system32\images\toolbar\refresh_over.gif c:\windows\system32\images\toolbar\refreshd.gif c:\windows\system32\images\toolbar\Search.gif c:\windows\system32\images\toolbar\search_over.gif c:\windows\system32\images\toolbar\searchd.gif c:\windows\system32\images\toolbar\up.gif c:\windows\system32\images\toolbar\up_over.gif c:\windows\system32\images\toolbar\upd.gif c:\windows\system32\images\tree\begindots.gif c:\windows\system32\images\tree\beginminus.gif c:\windows\system32\images\tree\beginplus.gif c:\windows\system32\images\tree\blank.gif c:\windows\system32\images\tree\blankdots.gif c:\windows\system32\images\tree\dots.gif c:\windows\system32\images\tree\lastdots.gif c:\windows\system32\images\tree\lastminus.gif c:\windows\system32\images\tree\lastplus.gif c:\windows\system32\images\tree\Magnify.gif c:\windows\system32\images\tree\minus.gif c:\windows\system32\images\tree\minusbox.gif c:\windows\system32\images\tree\plus.gif c:\windows\system32\images\tree\plusbox.gif c:\windows\system32\images\tree\singleminus.gif c:\windows\system32\images\tree\singleplus.gif . . 
((((((((((((((((((((((( Dateien erstellt von 2012-09-11 bis 2012-10-11 )))))))))))))))))))))))))))))) . . 2012-10-11 11:08 . 2011-03-10 16:04 46280 ----a-w- c:\windows\system32\drivers\PSKMAD.sys 2012-10-09 00:27 . 2012-10-09 00:27 -------- d-----w- c:\programme\ESET 2012-10-08 20:51 . 2012-10-08 20:51 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware 2012-10-08 20:51 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-08 11:52 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-10-04 17:32 . 2012-10-04 17:32 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Thunderbird 2012-10-03 17:04 . 2012-10-03 17:04 -------- d-----w- c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Identities 2012-10-03 17:04 . 2012-10-08 15:55 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Raavak 2012-09-23 12:24 . 2012-09-23 12:24 -------- d-----w- c:\windows\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\Google 2012-09-18 20:14 . 2012-09-18 20:17 -------- d-----w- c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google 2012-09-18 20:14 . 2012-09-18 20:16 -------- d-----w- c:\programme\Google . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-10 19:05 . 2012-04-17 08:19 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-10 19:05 . 2011-11-02 12:35 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-14 13:48 . 2012-07-14 11:13 102400 ----a-w- c:\windows\RegBootClean.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2010-04-05 . 68F06FE0021B01E670AF37B8C5964FDF . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys . [-] 2010-04-05 . 5369751495AAC607F51DF5D057A96006 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . 
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RocketDock"="e:\programme\RocketDock\RocketDock.exe" [2007-09-02 495616] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nTrayFw"="c:\programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184] "SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-06-09 254696] "PSUAMain"="e:\programme\panda\PSUAMain.exe" [2012-07-13 37152] "Panda Security URL Filtering"="c:\dokumente und einstellungen\All Users\Anwendungsdaten\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-15 217256] "RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_3"="advpack.dll" [2009-03-08 128512] . c:\dokumente und einstellungen\***\Startmenü\Programme\Autostart\ E-Mail.lnk - [N/A] Internet.lnk - [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableStatusMessages"= 1 (0x1) . 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) . [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CodeMeter Control Center.lnk] path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\CodeMeter Control Center.lnk backup=c:\windows\pss\CodeMeter Control Center.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2008-06-11 20:43 640376 ----a-w- e:\programme\adobe\acrreader\Acrobat\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] 2008-06-12 00:25 37232 ----a-w- e:\programme\adobe\acrreader\Acrobat\acrobat_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-03 13:10 843712 ----a-w- c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2010-11-03 16:13 64104 ----a-w- c:\windows\ALCMTR.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CoDeSysControlSysTray] 2011-10-28 09:56 397312 ----a-w- e:\programme\3s Codesys\GatewayPLC\CoDeSysControlSysTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-09-16 20:04 1164584 ----a-w- c:\programme\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ENISysTray] 2009-01-20 07:45 245760 ----a-w- e:\programme\3S\CoDeSys ENI Server\ENISysTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GatewaySysTray] 2011-10-28 09:56 397312 ----a-w- e:\programme\3s Codesys\GatewayPLC\GatewaySysTray.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure] 2006-10-30 12:44 1953792 ------r- c:\windows\system32\JMRaidSetup.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup] 2006-10-30 12:44 36864 ------r- c:\windows\JM\JMInsIDE.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2010-11-03 16:15 1833576 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2006-11-10 10:35 90112 ------w- c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TortoiseHgOverlayIconServer] 2012-07-02 21:24 47880 ----a-w- c:\programme\TortoiseHg\TortoiseHgOverlayServer.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "e:\\programme\\FRITZ!DSL\\IGDCTRL.EXE"= "e:\\programme\\Pidgin\\pidgin.exe"= "e:\\programme\\eclipse\\eclipse.exe"= "e:\\programme\\XAMPP\\xampp\\mysql\\bin\\mysqld.exe"= "e:\\programme\\Maple\\jre\\bin\\maple.exe"= "e:\\programme\\Maple\\jre\\bin\\java.exe"= "e:\\programme\\XAMPP\\xampp\\apache\\bin\\httpd.exe"= "c:\\WINDOWS\\system32\\java.exe"= "e:\\programme\\Mozilla Firefox\\firefox.exe"= "e:\\programme\\IBM\\RMC75\\rmc\\rmc.exe"= "e:\\programme\\java\\jre6\\bin\\java.exe"= "e:\\programme\\epf-composer-1.2.0.4-win32\\epf.exe"= "e:\\programme\\java\\jre6\\bin\\javaw.exe"= "e:\\programme\\yEd\\yEd.exe"= "c:\\Dokumente und Einstellungen\\***\\Anwendungsdaten\\Wuala\\Roaming\\Wuala.exe"= "c:\\Dokumente und Einstellungen\\***\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"= "e:\\programme\\FRITZ!DSL\\FBOXUPD.EXE"= "c:\\Programme\\Orbitdownloader\\orbitdm.exe"= 
"c:\\Programme\\Orbitdownloader\\orbitnet.exe"= "e:\\programme\\Mozilla Firefox\\plugin-container.exe"= "e:\\programme\\3S\\CoDeSys SP PLCWinNT\\PLCWinNT24.exe"= "c:\\Programme\\CodeMeter\\Runtime\\bin\\CodeMeter.exe"= "e:\\programme\\3s Codesys\\CoDeSys\\Common\\CoDeSys.exe"= "e:\\programme\\3s Codesys\\CoDeSys\\Common\\RepTool.exe"= "e:\\programme\\3s Codesys\\CoDeSys\\Common\\IPMCLI.exe"= "e:\\programme\\3s Codesys\\GatewayPLC\\GatewayService.exe"= "c:\\WINDOWS\\system32\\Gateway.exe"= "c:\\WINDOWS\\system32\\GatewayDDE.exe"= "e:\\programme\\3s Codesys\\GatewayPLC\\CoDeSysControlService.exe"= "e:\\programme\\3s Codesys\\GatewayPLC\\CoDeSysHMI.exe"= "e:\\programme\\BORIS\\Boris.exe"= "c:\\Programme\\Skype\\Phone\\Skype.exe"= "c:\\av-cls\\wget.exe"= c:\\AV-CLS\\WGET.EXE "c:\\WINDOWS\\system32\\dpvsetup.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 . R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [27.06.2012 15:51 82472] R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [27.06.2012 15:51 120744] R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [27.06.2012 15:51 122664] R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [27.06.2012 15:51 93992] R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [27.06.2012 15:51 104104] R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [27.06.2012 15:51 286376] R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [27.06.2012 15:51 153000] R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [27.06.2012 15:51 106536] R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [12.07.2012 11:18 206632] R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [27.06.2012 15:51 92840] R1 ntiomin;ntiomin;c:\windows\system32\drivers\ntiomin.sys [10.08.2010 15:49 11392] R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [13.07.2012 07:02 179112] R2 NanoServiceMain;Panda 
Cloud Antivirus Service;e:\programme\panda\PSANHost.exe [13.07.2012 06:57 140064] R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [13.07.2012 07:02 149032] R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [13.07.2012 07:02 101544] R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [13.07.2012 07:02 114728] R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [13.07.2012 07:02 120616] R2 PSUAService;Panda Product Service;e:\programme\panda\PSUAService.exe [13.07.2012 07:15 36640] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [30.05.2011 12:55 101904] R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [11.10.2012 13:08 46280] S2 gupdate;Google Update-Dienst (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [18.09.2012 22:14 116648] S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [03.07.2012 13:19 160944] S3 3SRTE;RTE 3S System Driver;c:\windows\system32\drivers\3SRTE.sys [30.10.2011 22:28 334446] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19.07.2012 12:49 1691480] S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [18.09.2012 22:14 116648] S3 ibpcimpm;ibpcimpm;c:\windows\system32\drivers\ibpcimpm.sys [30.10.2011 22:28 267912] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [02.05.2012 16:52 114144] S3 NNSNAHS;Network Activity Hook Server Service;c:\windows\system32\drivers\NNSNAHS.sys [09.09.2011 13:54 38536] S3 RTIOdrvAPIC;RTIOdrvAPIC;c:\windows\system32\drivers\RTIOdrvAPIC.sys [30.10.2011 22:28 19584] S3 RTIOdrvApplicom;RTIOdrvApplicom;c:\windows\system32\drivers\RTIOdrvApplicom.sys [30.10.2011 22:28 222852] S3 RTIOdrvAutomata;RTIOdrvAutomata;c:\windows\system32\drivers\RTIOdrvAutomata.sys [30.10.2011 22:28 307020] S3 RTIOdrvCP5613;RTIOdrvCP5613;c:\windows\system32\drivers\RTIOdrvCP5613.sys [30.10.2011 22:28 403408] 
S3 RTIOdrvDAMP;RTIOdrvDAMP;c:\windows\system32\drivers\RTIOdrvDAMP.sys [30.10.2011 22:28 84096] S3 RTIOdrvFC310x;RTIOdrvFC310x;c:\windows\system32\drivers\RTIOdrvFC310x.sys [30.10.2011 22:28 44164] S3 RTIOdrvHilscherDPM;RTIOdrvHilscherDPM;c:\windows\system32\drivers\RTIOdrvHilscherDPM.sys [30.10.2011 22:28 65678] S3 RTIOdrvHMS;RTIOdrvHMS;c:\windows\system32\drivers\RTIOdrvHMS.sys [30.10.2011 22:28 31358] S3 RTIOdrvKuhnkePBM;RTIOdrvKuhnkePBM;c:\windows\system32\drivers\RTIOdrvKuhnkePBM.sys [30.10.2011 22:28 62602] S3 RTIOdrvSJA;RTIOdrvSJA;c:\windows\system32\drivers\RTIOdrvSJA.sys [30.10.2011 22:28 111596] S3 RTService;RT Service 3S KM;e:\programme\3S\CoDeSys SP RTE\RTService.exe [30.10.2011 22:28 548983] S4 CodeMeter.exe;CodeMeter Runtime Server;c:\programme\CodeMeter\Runtime\bin\CodeMeter.exe [06.07.2011 05:30 2304912] S4 CoDeSys Control Win V3;CoDeSys Control Win V3 Version 3.4.4.20;e:\programme\3s Codesys\GatewayPLC\CoDeSysControlService.exe [28.10.2011 11:55 262144] S4 CoDeSys Gateway V3;CoDeSys Gateway V3 Version 3.4.4.20;e:\programme\3s Codesys\GatewayPLC\GatewayService.exe [28.10.2011 11:57 663552] S4 CoDeSys ServiceControl;CoDeSys ServiceControl Version 3.4.4.20;e:\programme\3s Codesys\GatewayPLC\ServiceControl.exe [28.10.2011 11:57 303104] S4 ENI Server;ENI Server;e:\programme\3S\CoDeSys ENI Server\ENI.exe [30.10.2011 22:27 651264] S4 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [27.06.2012 15:51 51496] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06.04.2010 21:49 717296] . Inhalt des "geplante Tasks" Ordners . 2012-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programme\Google\Update\GoogleUpdate.exe [2012-09-18 20:14] . 2012-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programme\Google\Update\GoogleUpdate.exe [2012-09-18 20:14] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = about:blank IE: &Download by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/204 IE: An vorhandene PDF-Datei anfügen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Do&wnload selected by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/202 IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm IE: In Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html LSP: %SYSTEMROOT%\system32\nvappfilter.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\l8z18207.default\ FF - prefs.js: browser.startup.homepage - www.google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) HKCU-Run-WallpaperChanger - e:\programme\Wallpaper Master\Wallpaper.exe MSConfigStartUp-Adobe Reader Speed Launcher - e:\programme\adobe\adobe\Reader\Reader_sl.exe MSConfigStartUp-DivX Download Manager - c:\programme\DivX\DivX Plus Web Player\DDmService.exe MSConfigStartUp-WinampAgent - e:\programme\Winamp\winampa.exe AddRemove-Adobe Photoshop 5.5 - c:\windows\ISUN0407.EXE AddRemove-Foxit PDF Editor - e:\programme\Neuer Ordner\PDF Editor\uninstall.exe AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2012-10-11 14:49 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(1524) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll . - - - - - - - > 'lsass.exe'(1588) c:\windows\system32\nvappfilter.dll . Zeit der Fertigstellung: 2012-10-11 14:53:08 ComboFix-quarantined-files.txt 2012-10-11 12:53 . Vor Suchlauf: 12 Verzeichnis(se), 11.156.770.816 Bytes frei Nach Suchlauf: 14 Verzeichnis(se), 11.119.046.656 Bytes frei . WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 94EE95DD74DE690FD976EC560145F42F |
11.10.2012, 16:03 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe
Code:
FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Cloud Antivirus Firewall *Disabled* {1337562C-110A-4AF8-B12B-750C0B30E802}
Neither of the two is really necessary; the Windows Firewall is sufficient.
__________________ Please always post logfiles in CODE tags |
11.10.2012, 16:09 | #25 |
| Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe Um, well, I think the Cloud Firewall came with the Panda antivirus program. The ActiveArmor one is from the Nvidia network controller... should I uninstall both? |
11.10.2012, 16:17 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe Yes, remove both if possible
__________________ Please always post logfiles in CODE tags |
11.10.2012, 16:23 | #27 |
| Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe OK, is there anything else I need to do? |
11.10.2012, 18:34 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM - please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.
Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!
Please download aswMBR.exe and save the file to your desktop.
Important: Do not under any circumstances press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again.
__________________ Please always post logfiles in CODE tags |
11.10.2012, 22:00 | #29 |
| Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe gmer: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-10-11 22:03:13 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000074 WDC_WD5000AAKS-00V1A0 rev.05.01D05 Running: 1b2to83l.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\uxtdapoc.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\PSINProc.sys (PSINProc Filter Driver for for XP32/Panda Security, S.L.) ZwTerminateProcess [0x9FD046B0] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8782000, 0x2A1A98, 0xE8000020] ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet001\Control\Session Manager@PendingFileRenameOperations ???O?????????????????????????;????????????????T??6???????????2??? ???????????????????????????????????????????????8???n??????-B???????8???????????????????????i?????s2.??????? ???5??????????????????????? ????????????????F??b???????A??????????????HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1000\5&2926ef50&0&0001?????????;???????????????????????T?????e.d??hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1000????????N??A???4???????4???????A???9???????;??????????????????????????????????? ??????????????????????AMD High Definition Audio Device?nition Audio - ATI AA01?????????????????????????????8????N??A??????????????? D??=???a?????MRx??????????Avivo(TM)????-??1????4???????????????????????4??????0????4??????????1????4???F??????0????4???????A???????????4??????????1????4???????4??????0????4???F??? 
@??5???4???????4??Box:0,Narrow-tent:1,Wide-tent:2??4???????5???5???????T??????1????4???????????5??????0????4???????5??????1????5??????????0(Box:2,Narrow-tent:4,Wide-tent:6) 2(Box:2,Narrow-tent:4,Wide-tent:6) 4 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\programme\Daemon Tools\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBD 0x82 0x4B 0x75 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xAF 0xEA 0x16 0xCE ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x9F 0xFF 0xD5 0x5B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\programme\Daemon Tools\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBD 0x82 0x4B 0x75 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xAF 0xEA 0x16 0xCE ... 
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x9F 0xFF 0xD5 0x5B ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 E:\programme\Daemon Tools\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBD 0x82 0x4B 0x75 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xAF 0xEA 0x16 0xCE ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x9F 0xFF 0xD5 0x5B ... ---- EOF - GMER 1.0.15 ---- Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 22:13:56 on 11.10.2012 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\WINDOWS\system32\DivXControlPanelApplet.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys (File not found) "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "ibpcimpm" (ibpcimpm) - "3s" - C:\WINDOWS\system32\drivers\ibpcimpm.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "NNSAlpc" (NNSALPC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys "NNSHttp" (NNSHTTP) - "Panda Security, S.L." 
- C:\WINDOWS\System32\DRIVERS\NNSHttp.sys "NNSids" (NNSIDS) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSIds.sys "NNSPicc" (NNSPICC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSPicc.sys "NNSPop3" (NNSPOP3) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSPop3.sys "NNSProt" (NNSPROT) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSProt.sys "NNSPrv" (NNSPRV) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSPrv.sys "NNSSmtp" (NNSSMTP) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys "NNSStrm" (NNSSTRM) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSStrm.sys "NNSTlsc" (NNSTLSC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys "ntiomin" (ntiomin) - ? - C:\WINDOWS\system32\drivers\ntiomin.sys "ntiopnp" (ntiopnp) - ? - C:\WINDOWS\system32\drivers\ntiopnp.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PSINAflt" (PSINAflt) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINAflt.sys "PSINFile" (PSINFile) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINFile.sys "PSINKNC" (PSINKNC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\psinknc.sys "PSINProc" (PSINProc) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINProc.sys "PSINProt" (PSINProt) - "Panda Security, S.L." 
- C:\WINDOWS\System32\DRIVERS\PSINProt.sys "PSKMAD" (PSKMAD) - "Panda Security" - C:\WINDOWS\System32\DRIVERS\PSKMAD.sys "RTE 3S System Driver" (3SRTE) - "3S - Smart Software Solutions GmbH" - C:\WINDOWS\system32\drivers\3SRTE.sys "RTIOdrvAPIC" (RTIOdrvAPIC) - "3S" - C:\WINDOWS\system32\drivers\RTIOdrvAPIC.sys "RTIOdrvApplicom" (RTIOdrvApplicom) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvApplicom.sys "RTIOdrvAutomata" (RTIOdrvAutomata) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvAutomata.sys "RTIOdrvCP5613" (RTIOdrvCP5613) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvCP5613.sys "RTIOdrvDAMP" (RTIOdrvDAMP) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvDAMP.sys "RTIOdrvFC310x" (RTIOdrvFC310x) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvFC310x.sys "RTIOdrvHilscherDPM" (RTIOdrvHilscherDPM) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvHilscherDPM.sys "RTIOdrvHMS" (RTIOdrvHMS) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvHMS.sys "RTIOdrvKuhnkePBM" (RTIOdrvKuhnkePBM) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvKuhnkePBM.sys "RTIOdrvSJA" (RTIOdrvSJA) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvSJA.sys "StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) "TCP/IP-Protokolltreiber" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? 
- (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll {00020000-0000-1011-8004-0000C06B5161} "WIBU-SYSTEMS Shell Extension" - "WIBU-SYSTEMS AG" - C:\Programme\WIBU-SYSTEMS\System\WibuShellExt.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." 
- E:\programme\adobe\acrreader\Acrobat Elements\ContextMenu.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll {CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll {67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll {EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products Ltd." 
- E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll {5B043439-4F53-436E-8CFE-28F80934DBE6} "PXCPreviewHandlerXP Class" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\PXCPrevHost.exe {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {46605027-5B8C-4DCE-BFE0-051B7972D64C} "TortoiseHg cmenu" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll {CEBD95BE-B733-415F-82A8-673D9158466E} "TortoiseHg drop" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll {869C8877-2C3C-438D-844B-31B86BFE5E8A} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll {9E3D4EC9-0624-4393-8B48-204C217ED1FF} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll {AF42ADAB-8C2E-4285-B746-99B31094708E} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll {CDA1C89D-E9B5-4981-A857-82DD932EA2FD} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll {C5994560-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994561-53D9-4125-87C9-F193FC689CB2} 
"TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994562-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994563-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994564-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994565-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994566-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994567-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {C5994568-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll {00020000-0000-1011-8004-0000C06B5161} "WIBU-SYSTEMS Shell Extension" - "WIBU-SYSTEMS AG" - C:\Programme\WIBU-SYSTEMS\System\WibuShellExt.dll {45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL {44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - E:\programme\WinRAR\rarext.dll (File found, but it contains no detailed information) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <binary data> "Grab Pro" - ? 
- C:\Programme\Orbitdownloader\GrabPro.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <binary data> "Grab Pro" - ? - C:\Programme\Orbitdownloader\GrabPro.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." 
- E:\programme\java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - E:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll {000123B4-9B42-4900-B3F7-F4B073EFC214} "Octh Class" - "Orbitdownloader.com" - C:\Programme\Orbitdownloader\orbitcth.dll {F4971EE7-DAA0-4053-9964-665D8EE6A077} "SmartSelect Class" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini "E-Mail.lnk" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\E-Mail.lnk (Shortcut exists | File not found) "Internet.lnk" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Internet.lnk (Shortcut exists | File not found) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "RocketDock" - ? - "E:\programme\RocketDock\RocketDock.exe" (File found, but it contains no detailed information) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "LVCOMSX" - "Logitech Inc." - C:\WINDOWS\system32\LVCOMSX.EXE "Panda Security URL Filtering" - "Panda Security" - "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security URL Filtering\Panda_URL_Filtering.exe" "PSUAMain" - "Panda Security, S.L." - "E:\programme\panda\PSUAMain.exe" /LaunchSysTray "SunJavaUpdateSched" - "Sun Microsystems, Inc." 
- "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "avm:" - "AVM Berlin GmbH" - C:\WINDOWS\system32\avmprmon.dll "PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "ATI Smart" (ATI Smart) - ? - C:\WINDOWS\system32\ati2sgag.exe "AVM FRITZ!web Routing Service" (de_serv) - "AVM Berlin" - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe "AVM IGD CTRL Service" (AVM IGD CTRL Service) - "AVM Berlin" - e:\programme\FRITZ!DSL\IGDCTRL.EXE "CPUCooLServer Service" (CPUCooLServer) - ? - "C:\Programme\CPUCooL\CooLSrv.exe" (File not found) "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "ForceWare Intelligent Application Manager (IAM)" (ForceWare Intelligent Application Manager (IAM)) - ? - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe "ForceWare IP service" (nSvcIp) - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe "ForceWare user log service" (nSvcLog) - "NVIDIA" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe "Forceware Web Interface" (ForcewareWebInterface) - "Apache Software Foundation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe "Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." 
- C:\Programme\Google\Update\GoogleUpdate.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\jqs.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe "NMSAccess" (NMSAccess) - ? - E:\programme\CDBurnerXP\NMSAccessU.exe (File found, but it contains no detailed information) "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "OpcEnum" (OpcEnum) - "OPC Foundation" - C:\WINDOWS\system32\OpcEnum.exe "Panda Cloud Antivirus Service" (NanoServiceMain) - "Panda Security, S.L." - E:\programme\panda\PSANHost.exe "Panda Product Service" (PSUAService) - "Panda Security, S.L." - E:\programme\panda\PSUAService.exe "RT Service 3S KM" (RTService) - "3S-Smart Software Solutions GmbH" - E:\programme\3S\CoDeSys SP RTE\RTService.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Programme\Skype\Updater\Updater.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "NVIDIA App Filter" - "NVIDIA" - C:\WINDOWS\system32\nvappfilter.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-11 22:18:18
-----------------------------
22:18:18.359 OS Version: Windows 5.1.2600 Service Pack 3
22:18:18.359 Number of processors: 2 586 0xF0D
22:18:18.359 ComputerName: *** UserName:
22:18:18.796 Initialize success
22:19:41.625 AVAST engine defs: 12101100
22:19:44.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000073
22:19:44.968 Disk 0 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3
22:19:44.984 Disk 0 MBR read successfully
22:19:44.984 Disk 0 MBR scan
22:19:44.984 Disk 0 Windows XP default MBR code
22:19:44.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 49999 MB offset 63
22:19:44.984 Disk 0 Partition - 00 0F Extended LBA 426930 MB offset 102398310
22:19:45.000 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199996 MB offset 102398373
22:19:45.000 Disk 0 Partition - 00 05 Extended 226933 MB offset 511991550
22:19:45.015 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226933 MB offset 511991613
22:19:45.015 Disk 0 scanning sectors +976752000
22:19:45.078 Disk 0 scanning C:\WINDOWS\system32\drivers
22:19:50.750 Service scanning
22:20:02.000 Modules scanning
22:20:04.953 Disk 0 trace - called modules:
22:20:04.968 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
22:20:04.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac748d8]
22:20:04.968 3 CLASSPNP.SYS[ba118fd7] -> nt!IofCallDriver -> \Device\00000075[0x8ac76ac0]
22:20:04.968 5 ACPI.sys[b9f7e620] -> nt!IofCallDriver -> \Device\00000073[0x8abf1030]
22:20:05.515 AVAST engine scan C:\WINDOWS
22:20:12.828 AVAST engine scan C:\WINDOWS\system32
22:22:55.515 AVAST engine scan C:\WINDOWS\system32\drivers
22:23:05.609 AVAST engine scan C:\Dokumente und Einstellungen\***
22:41:16.515 AVAST engine scan C:\Dokumente und Einstellungen\All Users
22:46:49.812 Scan finished successfully
22:57:55.062 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\MBR.dat"
22:57:55.062 The log file has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\aswMBR.txt" |
12.10.2012, 12:08 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan found? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |